5

I want to fully encrypt a disk on Windows 7, but I don't trust Bitlocker and Truecrypt has announced it is not safe (also many rumours about NSA being able to decrypt it and it's better to avoid it).

So what can I use? Open source is better, and what is the most secure encryption combination today?

I see many people still use Truecrypt. Are they at risk of anyone easily accessing their data?

schroeder
  • 125,553
  • 55
  • 289
  • 326
Freedo
  • 2,253
  • 5
  • 19
  • 28
  • http://www.elcomsoft.com/efdd.html this page is telling that is capable of decrypt truecrypt and bitlocker via stealing the keys using memory dump files are that actually true?? – Freedo Jan 01 '15 at 06:38
  • 2
    @Freedom: Probably, but the conditions are unlikely to occur in real life with a security-aware user. Either the encrypted container must be mounted, in which case the decrypted data are available anyway, or the computer must "become hibernated" with the encrypted container mounted. I haven't tested this, but I expect that just waking the computer up would make the encrypted volume available. What the program *can* do is recover the encryption password from the memory image, so one would be able to decrypt again later. – Bob Brown Jan 01 '15 at 12:50
  • 3
    It's not as big a risk as you think. If someone can seize your computer while an encrypted container is open, you're toast anyway. Otherwise, all you have to do is not allow your computer to hibernate while an encrypted container is open. That boils down to *closing encrypted containers* when you're done with them. – Bob Brown Jan 01 '15 at 16:37

2 Answers2

9

Edit: October 3, 2015 An article in IT World for September 29, 2015 reveals the existence of, but doesn't describe fully, two serious flaws in the Windows driver that TrueCrypt installed. It isn't clear from the article whether those flaws compromise the crypto or the underlying Windows OS, or both. It also isn't clear whether that driver is installed only for full-disk encryption or at any time a TrueCrypt volume is in use.

Original answer below:

Older versions of Truecrypt are as safe as they ever were. Unhappily, the safety of older versions has not been conclusively demonstrated, I think. A code audit by others, of which phase one is complete, did not find any problems that significantly weaken the crypto algorithms, and I really doubt anyone, even the NSA, can crack AES unless there's a back door that hasn't been found. (That's a back door in Truecrypt; I'm relatively sure that AES itself is safe.)

That said, I am still trusting an older install of Truecrypt. For you to use Truecrypt, you'd have to put your hands on an old copy of the software. There is what purports to be a copy of Truecrypt 7.1 on Github. The Open Crypto Audit Project says it is verified, and I have no reason to doubt that.

There is also an open source successor, VeraCrypt, which I have not tried.

Bob Brown
  • 5,293
  • 1
  • 19
  • 28
  • You can still download TrueCrypt via sourceforge. – cutrightjm Jan 01 '15 at 05:50
  • @ekaj: The version of Truecrypt on Sourceforge will decrypt Truecrypt containers, but is no longer full-featured. Most especially, it will not encrypt. The authors also state, "Using TrueCrypt is not secure as it may contain unfixed security issues." That is somewhat moot as one cannot really "use" the current software. – Bob Brown Jan 01 '15 at 11:08
  • @Freedom: One would use a super computer for a brute force attack. As far as anyone knows, the most powerful computers today can make about a billion (2^30) guesses per second. Suppose the NSA secretly has a computer that's a million times faster and can make 2^50 tests/second against a 128 bit AES key. It would take 9,577,341,433,815,742 years to break such a key and much longer to break a 256 bit key. A modern crypto algorithm like AES is vulnerable to such an attack *only* if there is an unknown weakness in the algorithm or a back door in the implementation. – Bob Brown Jan 01 '15 at 11:23
  • 1
    @Freedom: It occurs to me that my last comment was a little mysterious. The math is actually easy. If there are no shortcut or back door attacks, there are 2^128 key combinations to test. If you can test 2^50 per second (*as if!*) then it will take 2^78 seconds to test all of them. (128-50 = 78.) If I type "2^78 seconds to years" into Google, it gives the 9 bazillion years of my previous comment. Strictly speaking, one need not test all the combinations; on the average, one would "hit" about halfway through, or "only" 4.5 bazillion years. – Bob Brown Jan 01 '15 at 13:10
  • 1
    @Freedom: Do not confuse "operations per second" with "key tests per second." Testing a single key is likely to take millions of operations. – Bob Brown Jan 01 '15 at 15:01
5

I have yet to see someone break a Truecrypt fully encrypted disk.

In a recent talk by Jacob Appelbaum at the 31st Chaos Communication Congress (by Chaos Computer Club), NSA documents revealed that in 2012 Truecrypt still was a huge problem for them as at that point they could not break the encryption.

Part of NSA document (2012) which reveals Truecrypt is a problem

Now, one should think about why Truecrypt all of a sudden became "compromised". I will let you use your own imagination on this topic.

I still use Truecrypt and consider it "good enough", but that's just an opinion. There are other projects that are porting / fork Truecrypt:

Truecrypt can still be downloaded at: https://truecrypt.ch/, it's called TCNext and they are trying to keep the project alive.

For those interested in the Jacob Appelbaum talk, it can be viewed at the media repository of Chaos Computer Club or via Youtube.

David Foerster
  • 580
  • 4
  • 10
Jeroen
  • 5,813
  • 2
  • 19
  • 26
  • Truecrypt has not been broken. Algorithms are still secure. It has been said that truecrypt is not secure this is not the case. The only security risks you take with using truecrypt is someone can attempt to brute-force your password so it is wise to use a long password and that no further support will be provided for truecrypt. – Tim Jonas Jan 01 '15 at 12:56